removal/disable of tcp timestamp with reference to CVE-2005-0356

Question

removal/disable of tcp timestamp with reference to CVE-2005-0356,
please advise is it recommended to remove tcp timestamp on f5 or on the server side to mitigate this vulnerability?&nbsp;

brad_parker · Answer

Are you running BigIP v9.0?  If not, I don't think you have to worry about this.  https://support.f5.com/kb/en-us/solutions/public/4000/700/sol4743.html&nbsp;

dw_888_212625 · Answer

There seem to be a contradicting statement between the CVE-2005-0356 description and F5’s statement:
·         the CVE-2005-0356 description in https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0356 states that PAWS used with timestamp option enabled is vulnerable to DoS
·         in contrast, https://support.f5.com/kb/en-us/solutions/public/8000/000/sol8072.html  PAWS can protect against DoS attacks&nbsp;
kindly advise&nbsp;

brad_parker · Answer

I suggest you open a support case.

Forum Discussion

removal/disable of tcp timestamp with reference to CVE-2005-0356

3 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP in https that redirect to another vip in https

can you help with getting a BigIP virtual edition serial key

In Using the AST tool am I pointing it to TENANTS or to the F5OS(hardware) I have?

2026 is Almost Here

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

Related Content

Certificate Bundle Timestamp Query

Impact of disabling TCP Timestamp in TCP and fasl4 profile

F5 BIG-IP Logging API timestamp to UTC

Redirect iRule for http TimeStamp service

Cookie Violation - Expired TimeStamp.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS